Create a trigger using Terraform

This document describes how to use Google Cloud resources in Terraform to create Eventarc triggers using the google_eventarc_trigger resources for the following destinations:

The examples in this tutorial use direct events from Cloud Storage, but can be adapted for any event provider. For the purposes of this tutorial, new resources are created to be the source of events.

For resources and guidance on using Terraform, see the Terraform on Google Cloud documentation.

Before you begin

  1. Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
  2. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Go to project selector

  3. Make sure that billing is enabled for your Google Cloud project.

  4. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Go to project selector

  5. Make sure that billing is enabled for your Google Cloud project.

  6. Enable the Resource Manager and Identity and Access Management (IAM) APIs.

    Enable the APIs

  7. In the Google Cloud console, activate Cloud Shell.

    Activate Cloud Shell

    At the bottom of the Google Cloud console, a Cloud Shell session starts and displays a command-line prompt. Cloud Shell is a shell environment with the Google Cloud CLI already installed and with values already set for your current project. It can take a few seconds for the session to initialize.

  8. Cloud Shell is a shell environment with Terraform already integrated.

Create Eventarc triggers

You can create Eventarc triggers using Terraform for different destinations.

This example uses interpolation for substitutions such as reference variables, attributes of resources, and call functions.

Cloud Run

Using Cloud Shell, deploy your resources with Terraform to create Eventarc triggers.

1. Enable the APIs

Use the following code to enable the required APIs:

# Enable Cloud Run API
resource "google_project_service" "run" {
  service            = "run.googleapis.com"
  disable_on_destroy = false
}

# Enable Eventarc API
resource "google_project_service" "eventarc" {
  service            = "eventarc.googleapis.com"
  disable_on_destroy = false
}

# Enable Pub/Sub API
resource "google_project_service" "pubsub" {
  service            = "pubsub.googleapis.com"
  disable_on_destroy = false
}

2. Create a service account and configure IAM

Use the following code to create a dedicated service account and IAM roles:

# Used to retrieve project information later
data "google_project" "project" {}

# Create a dedicated service account
resource "google_service_account" "eventarc" {
  account_id   = "eventarc-trigger-sa"
  display_name = "Eventarc Trigger Service Account"
}

# Grant permission to receive Eventarc events
resource "google_project_iam_member" "eventreceiver" {
  project = data.google_project.project.id
  role    = "roles/eventarc.eventReceiver"
  member  = "serviceAccount:${google_service_account.eventarc.email}"
}

# Grant permission to invoke Cloud Run services
resource "google_project_iam_member" "runinvoker" {
  project = data.google_project.project.id
  role    = "roles/run.invoker"
  member  = "serviceAccount:${google_service_account.eventarc.email}"
}

If you enabled the Pub/Sub service agent on or before April 8, 2021, grant the iam.serviceAccountTokenCreator role to the service agent:

resource "google_project_iam_member" "tokencreator" {
   project  = data.google_project.project.id
   role     = "roles/iam.serviceAccountTokenCreator"
   member   = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
}

3. Create a Cloud Storage bucket as an event provider

Use the following code to create a Cloud Storage bucket, with Eventarc related permissions:

# Cloud Storage bucket names must be globally unique
resource "random_id" "bucket_name_suffix" {
  byte_length = 4
}

# Create a Cloud Storage bucket
resource "google_storage_bucket" "default" {
  name          = "trigger-cloudrun-${data.google_project.project.name}-${random_id.bucket_name_suffix.hex}"
  location      = google_cloud_run_v2_service.default.location
  force_destroy = true

  uniform_bucket_level_access = true
}

# Grant the Cloud Storage service account permission to publish pub/sub topics
data "google_storage_project_service_account" "gcs_account" {}
resource "google_project_iam_member" "pubsubpublisher" {
  project = data.google_project.project.id
  role    = "roles/pubsub.publisher"
  member  = "serviceAccount:${data.google_storage_project_service_account.gcs_account.email_address}"
}

4. Define a Cloud Run service as an event target

Create a Cloud Run service as an event destination for the trigger. Use the google_cloud_run_v2_service resource to define a Cloud Run service:

# Deploy Cloud Run service
resource "google_cloud_run_v2_service" "default" {
  name     = "hello-events"
  location = "us-central1"

  deletion_protection = false # set to "true" in production

  template {
    containers {
      # This container will log received events
      image = "us-docker.pkg.dev/cloudrun/container/hello"
    }
    service_account = google_service_account.eventarc.email
  }

  depends_on = [google_project_service.run]
}

5. Define an Eventarc trigger

An Eventarc trigger connects the event provider to an event destination. Use the google_eventarc_trigger resource to define the Cloud Storage direct event provider, sending to a Cloud Run destination.

You can define multiple matching_criteria with CloudEvents attributes supported by Eventarc that act like the event-filters you specify when you create a trigger. For more information, follow the instructions when creating a trigger for a specific provider, event type, and Cloud Run destination. Events that match all the filters are sent to the destination.

# Create an Eventarc trigger, routing Cloud Storage events to Cloud Run
resource "google_eventarc_trigger" "default" {
  name     = "trigger-storage-cloudrun-tf"
  location = google_cloud_run_v2_service.default.location

  # Capture objects changed in the bucket
  matching_criteria {
    attribute = "type"
    value     = "google.cloud.storage.object.v1.finalized"
  }
  matching_criteria {
    attribute = "bucket"
    value     = google_storage_bucket.default.name
  }

  # Send events to Cloud Run
  destination {
    cloud_run_service {
      service = google_cloud_run_v2_service.default.name
      region  = google_cloud_run_v2_service.default.location
    }
  }

  service_account = google_service_account.eventarc.email
  depends_on = [
    google_project_service.eventarc,
    google_project_iam_member.pubsubpublisher
  ]
}

6. Apply the changes

To learn how to apply or remove a Terraform configuration, see Basic Terraform commands.

To apply your Terraform configuration in a Google Cloud project, complete the steps in the following sections.

Prepare Cloud Shell

  1. Launch Cloud Shell.
  2. Set the default Google Cloud project where you want to apply your Terraform configurations.

    You only need to run this command once per project, and you can run it in any directory.

    export GOOGLE_CLOUD_PROJECT=PROJECT_ID

    Environment variables are overridden if you set explicit values in the Terraform configuration file.

Prepare the directory

Each Terraform configuration file must have its own directory (also called a root module).

  1. In Cloud Shell, create a directory and a new file within that directory. The filename must have the .tf extension—for example main.tf. In this tutorial, the file is referred to as main.tf.
    mkdir DIRECTORY && cd DIRECTORY && touch main.tf
  2. If you are following a tutorial, you can copy the sample code in each section or step.

    Copy the sample code into the newly created main.tf.

    Optionally, copy the code from GitHub. This is recommended when the Terraform snippet is part of an end-to-end solution.

  3. Review and modify the sample parameters to apply to your environment.
  4. Save your changes.
  5. Initialize Terraform. You only need to do this once per directory.
    terraform init

    Optionally, to use the latest Google provider version, include the -upgrade option:

    terraform init -upgrade

Apply the changes

  1. Review the configuration and verify that the resources that Terraform is going to create or update match your expectations:
    terraform plan

    Make corrections to the configuration as necessary.

  2. Apply the Terraform configuration by running the following command and entering yes at the prompt:
    terraform apply

    Wait until Terraform displays the "Apply complete!" message.

  3. Open your Google Cloud project to view the results. In the Google Cloud console, navigate to your resources in the UI to make sure that Terraform has created or updated them.

7. Verify the creation of resources

To confirm the service has been created:

gcloud run services list --region us-central1

To confirm the trigger has been created:

gcloud eventarc triggers list --location us-central1

The output should be similar to the following:

NAME: trigger-storage-cloudrun-tf
TYPE: google.cloud.storage.object.v1.finalized
DESTINATION: Cloud Run service: hello-events
ACTIVE: Yes
LOCATION: us-central1

GKE

Using Cloud Shell, deploy your resources with Terraform to create Eventarc triggers.

The Eventarc trigger requires a Google Kubernetes Engine service. To simplify this tutorial, you will configure this service outside of Terraform, in between applying Terraform configurations.

1. Create a GKE cluster

Use the following code to enable the required APIs:

# Enable GKE API
resource "google_project_service" "container" {
  service            = "container.googleapis.com"
  disable_on_destroy = false
}

# Enable Eventarc API
resource "google_project_service" "eventarc" {
  service            = "eventarc.googleapis.com"
  disable_on_destroy = false
}

# Enable Pub/Sub API
resource "google_project_service" "pubsub" {
  service            = "pubsub.googleapis.com"
  disable_on_destroy = false
}

Use the following code to create a GKE cluster:

# Create an auto-pilot GKE cluster
resource "google_container_cluster" "gke_cluster" {
  name     = "eventarc-cluster"
  location = "us-central1"

  enable_autopilot = true

  depends_on = [
    google_project_service.container
  ]
}

2. Apply the changes

To learn how to apply or remove a Terraform configuration, see Basic Terraform commands.

To apply your Terraform configuration in a Google Cloud project, complete the steps in the following sections.

Prepare Cloud Shell

  1. Launch Cloud Shell.
  2. Set the default Google Cloud project where you want to apply your Terraform configurations.

    You only need to run this command once per project, and you can run it in any directory.

    export GOOGLE_CLOUD_PROJECT=PROJECT_ID

    Environment variables are overridden if you set explicit values in the Terraform configuration file.

Prepare the directory

Each Terraform configuration file must have its own directory (also called a root module).

  1. In Cloud Shell, create a directory and a new file within that directory. The filename must have the .tf extension—for example main.tf. In this tutorial, the file is referred to as main.tf.
    mkdir DIRECTORY && cd DIRECTORY && touch main.tf
  2. If you are following a tutorial, you can copy the sample code in each section or step.

    Copy the sample code into the newly created main.tf.

    Optionally, copy the code from GitHub. This is recommended when the Terraform snippet is part of an end-to-end solution.

  3. Review and modify the sample parameters to apply to your environment.
  4. Save your changes.
  5. Initialize Terraform. You only need to do this once per directory.
    terraform init

    Optionally, to use the latest Google provider version, include the -upgrade option:

    terraform init -upgrade

Apply the changes

  1. Review the configuration and verify that the resources that Terraform is going to create or update match your expectations:
    terraform plan

    Make corrections to the configuration as necessary.

  2. Apply the Terraform configuration by running the following command and entering yes at the prompt:
    terraform apply

    Wait until Terraform displays the "Apply complete!" message.

  3. Open your Google Cloud project to view the results. In the Google Cloud console, navigate to your resources in the UI to make sure that Terraform has created or updated them.

3. Configure GKE

Deploy a Kubernetes service on GKE that will receive HTTP requests and log events by using a prebuilt Cloud Run image, us-docker.pkg.dev/cloudrun/container/hello:

  1. Get authentication credentials to interact with the cluster:

    gcloud container clusters get-credentials eventarc-cluster \
       --region=us-central1
    
  2. Create a deployment named hello-gke:

    kubectl create deployment hello-gke \
       --image=us-docker.pkg.dev/cloudrun/container/hello
    
  3. Expose the deployment as a Kubernetes service:x

    kubectl expose deployment hello-gke \
       --type ClusterIP --port 80 --target-port 8080
    
  4. Make sure the pod is running:

    kubectl get pods
    

    The output should be similar to the following:

    NAME                        READY   STATUS
    hello-gke-df6469d4b-5vv22   1/1     Running
    

    If the STATUS is Pending, the pod is deploying. Wait a minute for the deployment to complete, and check the status again.

  5. Make sure the service is running:

    kubectl get svc
    

    The output should be similar to the following:

    NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
    hello-gke    ClusterIP   34.118.226.144   <none>        80/TCP
    kubernetes   ClusterIP   34.118.224.1     <none>        443/TCP
    

4. Create and configure Eventarc

Use the following configuration to set up a service account, and grant it specific roles for Eventarc to manage events for GKE.

# Create a service account to be used by GKE trigger
resource "google_service_account" "eventarc_gke_trigger_sa" {
  account_id   = "eventarc-gke-trigger-sa"
  display_name = "Evenarc GKE Trigger Service Account"
}

# Grant permission to receive Eventarc events
resource "google_project_iam_member" "eventreceiver" {
  project = data.google_project.project.id
  role    = "roles/eventarc.eventReceiver"
  member  = "serviceAccount:${google_service_account.eventarc_gke_trigger_sa.email}"
}

# Grant permission to subscribe to Pub/Sub topics
resource "google_project_iam_member" "pubsubscriber" {
  project = data.google_project.project.id
  role    = "roles/pubsub.subscriber"
  member  = "serviceAccount:${google_service_account.eventarc_gke_trigger_sa.email}"
}

Use the following code to create a Cloud Storage bucket, with Eventarc related permissions:

# Cloud Storage bucket names must be globally unique
resource "random_id" "bucket_name_suffix" {
  byte_length = 4
}

# Create a Cloud Storage bucket
resource "google_storage_bucket" "default" {
  name          = "trigger-gke-${data.google_project.project.name}-${random_id.bucket_name_suffix.hex}"
  location      = "us-central1"
  force_destroy = true

  uniform_bucket_level_access = true
}

# Grant the Cloud Storage service account permission to publish pub/sub topics
data "google_storage_project_service_account" "gcs_account" {}
resource "google_project_iam_member" "pubsubpublisher" {
  project = data.google_project.project.id
  role    = "roles/pubsub.publisher"
  member  = "serviceAccount:${data.google_storage_project_service_account.gcs_account.email_address}"
}

Use the following configuration to enable the required APIs and initialize Eventarc GKE destination services:

# Used to retrieve project_number later
data "google_project" "project" {}

# Enable Eventarc to manage GKE clusters
# This is usually done with: gcloud eventarc gke-destinations init
#
# Eventarc creates a separate Event Forwarder pod for each trigger targeting a
# GKE service, and  requires explicit permissions to make changes to the
# cluster. This is done by granting permissions to a special service account
# (the Eventarc P4SA) to manage resources in the cluster. This needs to be done
# once per Google Cloud project.

# This identity is created with: gcloud beta services identity create --service eventarc.googleapis.com
# This local variable is used for convenience
locals {
  eventarc_sa = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-eventarc.iam.gserviceaccount.com"
}

resource "google_project_iam_member" "computeViewer" {
  project = data.google_project.project.id
  role    = "roles/compute.viewer"
  member  = local.eventarc_sa
}

resource "google_project_iam_member" "containerDeveloper" {
  project = data.google_project.project.id
  role    = "roles/container.developer"
  member  = local.eventarc_sa
}

resource "google_project_iam_member" "serviceAccountAdmin" {
  project = data.google_project.project.id
  role    = "roles/iam.serviceAccountAdmin"
  member  = local.eventarc_sa
}

Create an Eventarc trigger that routes Pub/Sub events to the hello-gke GKE service.

You can define multiple matching_criteria with CloudEvents attributes supported by Eventarc that act like the event-filters you specify when you create a trigger. For more information, follow the instructions when creating a trigger for a specific provider, event type, and GKE destination. Events that match all the filters are sent to the destination.

# Create an Eventarc trigger, routing Storage events to GKE
resource "google_eventarc_trigger" "default" {
  name     = "trigger-storage-gke-tf"
  location = "us-central1"

  # Capture objects changed in the bucket
  matching_criteria {
    attribute = "type"
    value     = "google.cloud.storage.object.v1.finalized"
  }
  matching_criteria {
    attribute = "bucket"
    value     = google_storage_bucket.default.name
  }

  # Send events to GKE service
  destination {
    gke {
      cluster   = "eventarc-cluster"
      location  = "us-central1"
      namespace = "default"
      path      = "/"
      service   = "hello-gke"
    }
  }

  service_account = google_service_account.eventarc_gke_trigger_sa.email
}

5. Apply the additional changes

To apply the additional Terraform configuration in a Google Cloud project, complete the following steps:

  1. Create the Eventarc identity account:

    gcloud beta services identity create --service eventarc.googleapis.com
    
  2. Add the new Terraform code from the previous step to your existing main.tf file.

  3. Apply the updated Terraform configurations:

    terraform plan
    terraform apply
    

    Wait until Terraform displays the "Apply complete!" message.

  4. Open your Google Cloud project to view the results. In the Google Cloud console, navigate to your resources in the UI to make sure that Terraform has created or updated them.

Workflows

Using Cloud Shell, deploy your resources with Terraform to create a workflow and an Eventarc trigger.

1. Enable the APIs

Use the following code to enable the required APIs:

# Enable Eventarc API
resource "google_project_service" "eventarc" {
  service            = "eventarc.googleapis.com"
  disable_on_destroy = false
}

# Enable Workflows API
resource "google_project_service" "workflows" {
  service            = "workflows.googleapis.com"
  disable_on_destroy = false
}

# Enable Pub/Sub API
resource "google_project_service" "pubsub" {
  service            = "pubsub.googleapis.com"
  disable_on_destroy = false
}

2. Create a service account and configure IAM

Use the following code to create a dedicated service account and add IAM roles:

# Used to retrieve project information later
data "google_project" "project" {}

# Create a service account for Eventarc trigger and Workflows
resource "google_service_account" "eventarc" {
  account_id   = "eventarc-workflows-sa"
  display_name = "Eventarc Workflows Service Account"
}

# Grant permission to invoke workflows
resource "google_project_iam_member" "workflowsinvoker" {
  project = data.google_project.project.id
  role    = "roles/workflows.invoker"
  member  = "serviceAccount:${google_service_account.eventarc.email}"
}

# Grant permission to receive events
resource "google_project_iam_member" "eventreceiver" {
  project = data.google_project.project.id
  role    = "roles/eventarc.eventReceiver"
  member  = "serviceAccount:${google_service_account.eventarc.email}"
}

If you enabled the Pub/Sub service agent on or before April 8, 2021, grant the iam.serviceAccountTokenCreator role to the service agent:

resource "google_project_iam_member" "tokencreator" {
   project  = data.google_project.project.id
   role     = "roles/iam.serviceAccountTokenCreator"
   member   = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
}

3. Create a Cloud Storage bucket as an event provider

Use the following code to create a Cloud Storage bucket, with Eventarc related permissions:

# Cloud Storage bucket names must be globally unique
resource "random_id" "bucket_name_suffix" {
  byte_length = 4
}

# Create a Cloud Storage bucket
resource "google_storage_bucket" "default" {
  name          = "trigger-workflows-${data.google_project.project.name}-${random_id.bucket_name_suffix.hex}"
  location      = google_workflows_workflow.default.region
  force_destroy = true

  uniform_bucket_level_access = true
}

# Grant the Cloud Storage service account permission to publish Pub/Sub topics
data "google_storage_project_service_account" "gcs_account" {}
resource "google_project_iam_member" "pubsubpublisher" {
  project = data.google_project.project.id
  role    = "roles/pubsub.publisher"
  member  = "serviceAccount:${data.google_storage_project_service_account.gcs_account.email_address}"
}

4. Create and deploy a workflow

Define and deploy a workflow that gets executed when an object is updated in the created bucket:

# Create a workflow
resource "google_workflows_workflow" "default" {
  name        = "storage-workflow-tf"
  region      = "us-central1"
  description = "Workflow that returns information about storage events"

  deletion_protection = false # set to "true" in production

  # Note that $$ is needed for Terraform
  source_contents = <<EOF
  main:
    params: [event]
    steps:
      - log_event:
          call: sys.log
          args:
            text: $${event}
            severity: INFO
      - gather_data:
          assign:
            - bucket: $${event.data.bucket}
            - name: $${event.data.name}
            - message: $${"Received event " + event.type + " - " + bucket + ", " + name}
      - return_data:
          return: $${message}
  EOF

  depends_on = [
    google_project_service.workflows
  ]
}

5. Create an Eventarc trigger

Create an Eventarc trigger that routes direct events on the created bucket to Workflows. Use the google_eventarc_trigger resource to define the Eventarc trigger resource.

You can define multiple matching_criteria with CloudEvents attributes supported by Eventarc that act like the event-filters you specify when you create a trigger. For more information, follow the instructions when creating a trigger for a specific provider, event type, and Workflows destination.

Events that match all the filters are sent to the destination.

# Create an Eventarc trigger, routing Cloud Storage events to Workflows
resource "google_eventarc_trigger" "default" {
  name     = "trigger-storage-workflows-tf"
  location = google_workflows_workflow.default.region

  # Capture objects changed in the bucket
  matching_criteria {
    attribute = "type"
    value     = "google.cloud.storage.object.v1.finalized"
  }
  matching_criteria {
    attribute = "bucket"
    value     = google_storage_bucket.default.name
  }

  # Send events to Workflows
  destination {
    workflow = google_workflows_workflow.default.id
  }

  service_account = google_service_account.eventarc.email

  depends_on = [
    google_project_service.eventarc,
    google_project_service.workflows,
  ]
}

6. Apply the changes

To learn how to apply or remove a Terraform configuration, see Basic Terraform commands.

To apply your Terraform configuration in a Google Cloud project, complete the steps in the following sections.

Prepare Cloud Shell

  1. Launch Cloud Shell.
  2. Set the default Google Cloud project where you want to apply your Terraform configurations.

    You only need to run this command once per project, and you can run it in any directory.

    export GOOGLE_CLOUD_PROJECT=PROJECT_ID

    Environment variables are overridden if you set explicit values in the Terraform configuration file.

Prepare the directory

Each Terraform configuration file must have its own directory (also called a root module).

  1. In Cloud Shell, create a directory and a new file within that directory. The filename must have the .tf extension—for example main.tf. In this tutorial, the file is referred to as main.tf.
    mkdir DIRECTORY && cd DIRECTORY && touch main.tf
  2. If you are following a tutorial, you can copy the sample code in each section or step.

    Copy the sample code into the newly created main.tf.

    Optionally, copy the code from GitHub. This is recommended when the Terraform snippet is part of an end-to-end solution.

  3. Review and modify the sample parameters to apply to your environment.
  4. Save your changes.
  5. Initialize Terraform. You only need to do this once per directory.
    terraform init

    Optionally, to use the latest Google provider version, include the -upgrade option:

    terraform init -upgrade

Apply the changes

  1. Review the configuration and verify that the resources that Terraform is going to create or update match your expectations:
    terraform plan

    Make corrections to the configuration as necessary.

  2. Apply the Terraform configuration by running the following command and entering yes at the prompt:
    terraform apply

    Wait until Terraform displays the "Apply complete!" message.

  3. Open your Google Cloud project to view the results. In the Google Cloud console, navigate to your resources in the UI to make sure that Terraform has created or updated them.

7. Verify the creation of the workflow

To verify that the workflow is created, run:

gcloud workflows list --location us-central1

8. Verify the creation of the Eventarc trigger

To verify that the Eventarc trigger is created, run:

gcloud eventarc triggers list --location us-central1

The output should be similar to the following:

NAME: trigger-storage-workflows-tf
TYPE: google.cloud.storage.object.v1.finalized
DESTINATION: Workflows: storage-workflow-tf
ACTIVE: Yes
LOCATION: us-central1

Generate and view an event

You can generate an event and confirm that the Eventarc trigger is working as expected.

Cloud Run

  1. To generate an event:

    Upload a text file to Cloud Storage:

    echo "Hello World" > random.txt
    gcloud storage cp random.txt gs://trigger-cloudrun-PROJECT_ID/random.txt
    

    The upload generates an event and the Cloud Run service logs the event's message.

  2. To verify that an event is received:

    1. View the event-related log entries created by your service:
    gcloud logging read "resource.type=cloud_run_revision \
        AND resource.labels.service_name=hello-events"
    

    Alternatively, open the Google Cloud console, navigate to the Cloud Run resource, and view the logs.

    1. Look for a log entry similar to the following:
    Received event of type google.cloud.storage.object.v1.finalized.
    Event data: { "kind": "storage#object", "id": "trigger-cloudrun-PROJECT_ID/random.txt", ...}
    

GKE

  1. To generate an event:

    Upload a text file to Cloud Storage:

    echo "Hello World" > random.txt
    gcloud storage cp random.txt gs://trigger-gke-PROJECT_ID/random.txt
    

    The upload generates an event and the Cloud Run service logs the event's message.

  2. To verify that an event is received:

    1. Find the pod ID:

      POD_NAME=$(kubectl get pods -o custom-columns=":metadata.name" --no-headers)
      

      This command uses kubectl's formatted output.

    2. Check the logs of the pod:

      kubectl logs $POD_NAME
      
    3. Look for a log entry similar to the following:

      {"severity":"INFO","eventType":"google.cloud.pubsub.topic.v1.messagePublished",
      "message":"Received event of type google.cloud.pubsub.topic.v1.messagePublished.", [...]}
      

Workflows

  1. To generate an event:

    Upload a text file to Cloud Storage:

    echo "Hello World" > random.txt
    gcloud storage cp random.txt gs://trigger-workflows-PROJECT_ID/random.txt
    

    The upload generates an event and the Cloud Run service logs the event's message.

  2. To verify that an event is received:

    1. Verify that a workflows execution is triggered by listing the last five executions:

      gcloud workflows executions list storage-workflow-tf --limit=5
      

      The output should include a list of executions with a NAME, START_TIME, END_TIME, and STATUS.

    2. Get the results for the most recent execution:

      EXECUTION_NAME=$(gcloud workflows executions list storage-workflow-tf --limit=1 --format "value(name)")
      gcloud workflows executions describe $EXECUTION_NAME
      
    3. Confirm the output is similar to the following:

      ...
      result: '"Received event google.cloud.storage.object.v1.finalized - trigger-workflows-PROJECT_ID, random.txt"'
      state: SUCCEEDED
      ...
      

      Look for the state: SUCCEEDED and result: "Received event" in the workflows output.

Clean up

Remove resources previously applied with your Terraform configuration by running the following command and entering yes at the prompt:

terraform destroy

You can also delete your Google Cloud project to avoid incurring charges. Deleting your Google Cloud project stops billing for all the resources used within that project.

  1. In the Google Cloud console, go to the Manage resources page.

    Go to Manage resources

  2. In the project list, select the project that you want to delete, and then click Delete.
  3. In the dialog, type the project ID, and then click Shut down to delete the project.

What's next